apiVersion: apps/v1 kind: Deployment metadata: name: jupyter-notebook labels: app: jupyter-notebook spec: replicas: 1 selector: matchLabels: app: jupyter-notebook template: metadata: labels: app: jupyter-notebook spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - arm-seoul-2 securityContext: runAsUser: 0 runAsGroup: 0 containers: - name: minimal-notebook image: jupyter/minimal-notebook:hub-2.1.1 env: - name: NB_UID value: '5001' - name: NB_GROUP value: '5001' ports: - containerPort: 8888 volumeMounts: - mountPath: /home/jovyan/work name: jupter-notebook-pvc volumes: - name: jupter-notebook-pvc persistentVolumeClaim: claimName: jupter-notebook-pvc --- kind: Service apiVersion: v1 metadata: name: jupyter-notebook-svc spec: type: ClusterIP selector: app: jupyter-notebook ports: - protocol: TCP port: 8888 targetPort: 8888 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: jupyter-notebook-ingress annotations: cert-manager.io/cluster-issuer: "cm-cf" kubernetes.io/ingress.class: "traefik" ingress.kubernetes.io/auth-type: "basic" ingress.kubernetes.io/auth-secret: "jupyter-http-secret" # message to display with an appropiate context why the authentication is required nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - Jupyter Notebook" spec: rules: - host: jupyter.107421.xyz http: paths: - path: / pathType: ImplementationSpecific backend: service: name: jupyter-notebook-svc port: number: 8888 tls: - hosts: - jupyter.107421.xyz secretName: jupyter.107421.xyz-tls --- apiVersion: v1 kind: Secret metadata: name: jupyter-http-secret data: # base64 of wdd:{SHA}N1fO1sXGJqU8rxc98bcuilN4R9s= # generate by htpasswd # centos yum -y install httpd # ubuntu apt-get install apache2-utils secret: | d2RkOntTSEF9TjFmTzFzWEdKcVU4cnhjOThiY3VpbE40UjlzPQo=